Author Topic: Topic for kliudzew  (Read 2003 times)

0 Members and 1 Guest are viewing this topic.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Topic for kliudzew
« on: August 25, 2011, 02:01:56 AM »
please help, attached the report files.

Thanks in advice!
Cheers, Arunas.

####
@ kliudzew
Please Reply in this topic and give an outline of what your problem is, so we can get a better understanding of the problem. Once you do the other topic post http://forum.avast.com/index.php?topic=53253.msg681195#msg681195 will be deleted.
« Last Edit: August 25, 2011, 02:14:23 AM by DavidR »
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Topic for kliudzew
« Reply #1 on: August 25, 2011, 04:02:44 PM »
You will need to reinstall Avast on completion

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Quote
    :OTL
    PRC - [2011.08.24 23:24:21 | 000,382,464 | ---- | M] () -- C:\Windows\update.7.1\svchostdriver.exe
    SRV - File not found [Auto | Stopped] -- -- (LiveUpdate Notice Ex)
    SRV - [2011.08.24 23:24:21 | 000,382,464 | ---- | M] () [Auto | Running] -- C:\Windows\update.7.1\svchostdriver.exe -- (ddservice)
    IE - HKU\S-1-5-21-3958066275-1763255316-255783152-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.mywebsearch.com/index.jhtml?n=77C09F4F&ptnrS=RGxdm1708Aus&ptb=0FF7791D-AA71-4E67-8230-2F790EED16B5
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
    O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
    O4 - HKLM..\Run: [tray_ico] File not found
    O4 - HKLM..\Run: [tray_ico2] File not found
    O4 - HKLM..\Run: [tray_ico3] File not found
    O4 - HKLM..\Run: [tray_ico4] File not found
    O31 - SafeBoot: AlternateShell - services32.exe
    [2011.08.24 23:24:22 | 000,000,000 | -H-D | C] -- C:\Windows\update.7.1
    [2011.08.24 23:24:03 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
    [2011.08.24 23:01:26 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
    [2011.08.22 18:35:59 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
    [2011.08.22 18:32:32 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
    [2011.08.22 18:32:28 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk
    [2011.08.22 18:32:28 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0
    [2011.08.22 18:32:28 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-15-0-lnk
    [2011.08.22 18:32:28 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-15-0
    [2011.08.24 23:01:38 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
    [2011.08.24 23:01:38 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
    [2011.08.24 23:01:27 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
    [2011.08.24 23:01:39 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
    [2011.08.24 23:01:38 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
    [2011.08.24 23:01:38 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
    [2011.08.24 23:01:22 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
    [2011.08.24 23:01:16 | 000,000,135 | ---- | C] () -- C:\Windows\info1
    [2011.08.22 18:18:30 | 001,213,440 | -H-- | M] () MD5=B8F3E2AEE9E0D7BCA1691165B5A2EBA1 -- C:\Windows\update.tray-15-0-lnk\svchost.exe
    [2011.08.22 18:18:30 | 001,213,440 | -H-- | M] () MD5=B8F3E2AEE9E0D7BCA1691165B5A2EBA1 -- C:\Windows\update.tray-7-0-lnk\svchost.exe

    :Reg

    :Files
    ipconfig /flushdns /c
    C:\Windows\services32.exe

    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Update and run Malwarebytes

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88895
  • No support PMs thanks
Re: Topic for kliudzew
« Reply #2 on: August 25, 2011, 04:28:36 PM »
Now all we need is kliudzew to join the party ;D
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security